Return-Path: 
 <cocoon-dev-return-30019-apmail-xml-cocoon-dev-archive=xml.apache.org@xml.apache.org>
Delivered-To: apmail-xml-cocoon-dev-archive@xml.apache.org
Received: (qmail 81880 invoked by uid 500); 5 Aug 2002 01:59:56 -0000
Mailing-List: contact cocoon-dev-help@xml.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:cocoon-dev-help@xml.apache.org>
list-unsubscribe: <mailto:cocoon-dev-unsubscribe@xml.apache.org>
list-post: <mailto:cocoon-dev@xml.apache.org>
Reply-To: cocoon-dev@xml.apache.org
Delivered-To: mailing list cocoon-dev@xml.apache.org
Received: (qmail 81868 invoked from network); 5 Aug 2002 01:59:56 -0000
Message-ID: <02e701c23c23$d77312c0$0100a8c0@MAUCHI>
From: "Ivelin Ivanov" <ivelin@apache.org>
To: <cocoon-dev@xml.apache.org>
References: <00fb01c23bce$99a95b70$df74558b@vgritsenkopc>
Subject: Re: [Q] Cocoon 2.1 Authentication framework (aka sunRise)
Date: Sun, 4 Aug 2002 21:00:14 -0500
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N


Thanks Vadim.

Maybe we should make this explicit in the documentation.

I would assume that most J2EE applications use the standard API, which is
not perfect, but security is such a hair ball that a well understood and
properly used standard is a good thing after all.

Ivelin


----- Original Message -----
From: "Vadim Gritsenko" <vadim.gritsenko@verizon.net>
To: <cocoon-dev@xml.apache.org>
Sent: Sunday, August 04, 2002 10:50 AM
Subject: RE: [Q] Cocoon 2.1 Authentication framework (aka sunRise)


> > From: Ivelin Ivanov [mailto:ivelin@apache.org]
> >
> >
> > I have tried to read through the Auth. documentation and understand
> how it
> > relates to the authentication mechanism of the J2EE specification.
> >
> > I see that it supports roles and session context, but do not
> understand if
> > it is tied to the J2EE container's security.
> >
> > For example when authenticated through the container, a user principal
> and
> > role are available in the ServletRequest.
> > They are also carried over and applied to any J2EE resource like
> > transactions, datasources, EJBs, JMS, etc. through JNDI.
> >
> > So, my question:
> > Is the sunRise framework tied to the J2EE security APIs?
> > How can my EJBs be aware of the user name and role ?
>
> Carsten isn't there yet, but from what I understood, there is no
> integration with j2ee out of the box.
>
> Vadim
>
>
> > -=Ivelin=-
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: cocoon-dev-unsubscribe@xml.apache.org
> For additional commands, email: cocoon-dev-help@xml.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-dev-unsubscribe@xml.apache.org
For additional commands, email: cocoon-dev-help@xml.apache.org